View8

View8 is a static analysis tool designed to decompile serialized V8 bytecode objects (JSC files) into high-level readable code. To parse and disassemble these serialized objects, View8 utilizes a patched compiled V8 binary. As a result, View8 produces a textual output similar to JavaScript.

Requirements

Python 3.x
Disassembler binary. Available versions:

V8 Version 9.4.146.24 (Used in Node V16.x)
V8 Version 10.2.154.26 (Used in Node V18.x)
V8 Version 11.3.244.8 (Used in Node V20.x)

For compiled versions, visit the releases page.

Usage

Command-Line Arguments

input_file: The input file name.
output_file: The output file name.
--path, -p: Path to disassembler binary (optional).
--disassembled, -d: Indicate if the input file is already disassembled (optional).
--export_format, -e: Specify the export format(s). Options are v8_opcode, translated, and decompiled. Multiple options can be combined (optional, default: decompiled).

Basic Usage

To decompile a V8 bytecode file and export the decompiled code:

python view8.py input_file output_file

Disassembler Path

By default, view8 detects the V8 bytecode version of the input file (using VersionDetector.exe) and automatically searches for a compatible disassembler binary in the Bin folder. This can be changed by specifing a different disassembler binary, use the --path (or -p) option:

python view8.py input_file output_file --path /path/to/disassembler

Processing Disassembled Files

To skip the disassembling process and provide an already disassembled file as the input, use the --disassembled (or -d) flag:

python view8.py input_file output_file --disassembled

Export Formats

Specify the export format(s) using the --export_format (or -e) option. You can combine multiple formats:

v8_opcode
translated
decompiled

For example, to export both V8 opcodes and decompiled code side by side:

python view8.py input_file output_file -e v8_opcode decompiled

By default, the format used is decompiled.

VersionDetector.exe

The V8 bytecode version is stored as a hash at the beginning of the file. Below are the options available for VersionDetector.exe:

-h: Retrieves a version and returns its hash.
-d: Retrieves a hash (little-endian) and returns its corresponding version using brute force.
-f: Retrieves a file and returns its version.

Building The Disassembler

Guide/disassembler/patch based on v8dasm and https://github.com/v8/v8/tree/11.3.244.8.

Check out your V8 version: https://v8.dev/docs/source-code
Apply the patch:
```
git apply v8.patch
```
Create a build configuration:
```
./tools/dev/v8gen.py x64.release
```

Edit the build flags in out.gn/x64.release/args.gn (copied the necessary ones from Node.js):

dcheck_always_on = false
is_component_build = false
is_debug = false
target_cpu = "x64"
use_custom_libcxx = false
v8_monolithic = true
v8_use_external_startup_data = false

v8_static_library = true
v8_enable_disassembler = true
v8_enable_object_print = true
v8_enable_pointer_compression = false

Build the static library:
```
ninja -C out.gn/x64.release v8_monolith
```

Compile the disassembler:

g++ -g -I. -Iinclude v8dasm.cpp -o v8dasm -fno-rtti -lv8_monolith -lv8_libbase -lv8_libplatform -ldl -Lout.gn/x64.release/obj/ -pthread -std=c++17

j4k0xb / view8 Goto Github PK

view8's Introduction

View8

Requirements

Usage

Command-Line Arguments

Basic Usage

Disassembler Path

Processing Disassembled Files

Export Formats

VersionDetector.exe

Building The Disassembler

view8's People

Contributors

Stargazers

view8's Issues

Can you help to build popular disassembler?

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent